[Freeipa-devel] [PATCH] Add {user, host, sourcehost}Category to HBAC and make accessTime multivalue.
Pavel Zuna
pzuna at redhat.com
Thu Nov 26 15:38:58 UTC 2009
Rob Crittenden wrote:
> Pavel Zuna wrote:
>> Due to the format of accessTime (it has commas and spaces in it), we
>> can't use the List parameter type. I made it so that accessTime values
>> have to be entered one by one using new commands.
>>
>> We also agreed, that we're going to rename GeneralizedTime parameter
>> to AccessTime to prevent confusion with RFC 4517 standard. I attached
>> a separate patch for clarity.
>>
>> Pavel
>
> A couple of questions:
>
> - Would it make sense to leave time in as an option that takes a
> singular value? If someone wants multiple times they can use the new add
> interface, right?
It would and I think it's a good idea, updated patch attached.
> - What are these new enums for? If there is only one choice do you
> really have a choice?
Well for now, we only have the 'all' in categories, but the list is
expected to grow. At first I didn't include categories in the plugin,
because of this, but Sumit wanted it to be complete.
> - We still need some tests for GeneralizedTime/AccessTime.
Ok, added to my TODO list.
>
> rob
Pavel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-Add-user-host-sourcehost-Category-to-HBAC-and-make.patch
Type: application/mbox
Size: 6311 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20091126/a1b451ba/attachment.mbox>
More information about the Freeipa-devel
mailing list